Fedora 39 : wireshark (2024-b72131479b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b72131479b advisory. New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208. Tenable has extracted the preceding description...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:4938-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4938-1 advisory. - The NetScreen file parser could crash. It may be possible to make Wireshark crash by injecting a...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-440)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-440 advisory. SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file...

Medium: wireshark

Issue Overview: SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file...

Medium: wireshark

Issue Overview: A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file. CVE-2023-6175 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...

Amazon Linux 2 : wireshark (ALAS-2023-2348)

The version of wireshark installed on the remote host is prior to 2.6.2-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2348 advisory. A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted...

Heap-based Buffer Overflow

wireshark is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused due to a component NetScreen file parser which could crash. An attacker can crash Wireshark by injecting a malformed packet onto the wire or making a user to read a malformed packet trace file...

OESA-2023-1847 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: A heap-based buffer overflow was found in Wireshark's NetScreen file parser. This issue may allow loc...

Debian DSA-5559-1 : wireshark - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5559 advisory. A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the executio...

SUSE CVE-2023-6175

NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file...

CVE-2023-6175

A heap-based buffer overflow was found in Wireshark's NetScreen file parser. This issue may allow local arbitrary code execution via a crafted capture file...

Wireshark 4.0.x < 4.0.11 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.0.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.11 advisory. - The SSH dissector could crash. It may be possible to make Wireshark crash or consume excessive CPU resources b...

Wireshark Security Vulnerabilities

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in Wireshark that stems from a buffer overflow vulnerability in...

Wireshark 3.6.x < 3.6.19 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.19. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.6.19 advisory. - The NetScreen file parser could crash. It may be possible to make Wireshark crash by injecting a malformed...

Wireshark 4.0.x < 4.0.11 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.0.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.11 advisory. - The SSH dissector could crash. It may be possible to make Wireshark crash or consume excessive CPU...

PT-2023-7176 · Wireshark +3 · Wireshark +3

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.18 Wireshark versions 4.0.0 through 4.0.10 Description: The issue is related to a NetScreen file parser crash in Wireshark, which can be exploited to cause a denial of service via a crafted capture file...

Wireshark 3.6.x < 3.6.19 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.6.19. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.6.19 advisory. - The NetScreen file parser could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto...

SUSE CVE-2009-0599

Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service application crash via a malformed NetScreen snoop file...

SUSE CVE-2016-5357

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

Mageia: Security Advisory (MGASA-2016-0223)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...